Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/pNHr52twfUMoA6Jh4bcuRex2Eqs.roa
File: pNHr52twfUMoA6Jh4bcuRex2Eqs.roa (raw, json)
Hash identifier: 71lFugrlJ0fBQK3N5kc6FhL+HX9UFqIbgHtHTx9Juug=
Subject key identifier: A4:D1:EB:E7:6B:70:7D:43:28:03:A2:61:E1:B7:2E:45:EC:76:12:AB
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 0193493831D0227D0BD2466408C0BE5A844D
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/pNHr52twfUMoA6Jh4bcuRex2Eqs.roa
Signing time: Wed 20 Nov 2024 10:57:19 +0000
ROA not before: Wed 20 Nov 2024 10:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.96.0/24 maxlen: 24
89.248.97.0/24 maxlen: 24
89.248.98.0/24 maxlen: 24
89.248.99.0/24 maxlen: 24
89.248.100.0/24 maxlen: 24
89.248.101.0/24 maxlen: 24
89.248.102.0/24 maxlen: 24
89.248.103.0/24 maxlen: 24
89.248.104.0/24 maxlen: 24
89.248.105.0/24 maxlen: 24
89.248.106.0/24 maxlen: 24
89.248.107.0/24 maxlen: 24
89.248.108.0/24 maxlen: 24
89.248.109.0/24 maxlen: 24
89.248.110.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.1.0/24 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 24
185.15.76.0/24 maxlen: 24
185.15.77.0/24 maxlen: 24
185.80.4.0/22 maxlen: 24
185.80.6.0/24 maxlen: 24
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 26 Dec 2024 15:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:38:31:d0:22:7d:0b:d2:46:64:08:c0:be:5a:84:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Nov 20 10:57:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4d1ebe76b707d432803a261e1b72e45ec7612ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:96:60:a4:1b:ef:9b:c2:21:46:7c:44:a5:
fe:aa:5c:b7:85:7c:67:73:02:53:fe:09:15:fa:1c:
96:5d:71:e2:e6:53:ac:8c:75:29:c4:25:5d:02:28:
0c:f0:7b:7b:c0:cb:7b:d1:7e:26:c2:11:ad:96:71:
13:15:6e:b7:60:b8:f5:2c:d2:45:bf:74:e3:7c:ff:
0f:45:c0:bf:3b:a1:8c:2c:9a:b3:55:a1:0c:69:1d:
45:29:4a:81:c4:02:2f:93:88:da:6b:90:1f:22:d7:
52:9c:d9:e0:45:52:f9:a4:9e:c5:b3:f5:49:8d:2b:
a1:f6:77:09:98:95:1a:9c:02:6d:9a:f0:8d:26:6e:
69:f2:07:74:ca:55:b4:ed:35:a3:b6:a9:84:b6:1d:
91:63:e7:72:c0:e7:80:06:14:a1:43:58:9d:b1:99:
e7:0f:26:f3:06:e8:39:8c:ff:1b:8e:c7:98:ec:61:
0b:dc:5e:1e:0a:4b:41:ab:ef:00:95:01:3b:00:e2:
39:c3:b6:e9:32:ed:db:65:25:5e:67:c7:e5:c6:01:
fa:46:65:c8:78:c2:8f:49:af:14:bd:11:a6:ac:9f:
a1:33:e0:cf:1a:f4:32:43:2d:fc:13:11:ce:21:b1:
9e:6e:4b:2d:f2:b4:a3:b4:ea:f2:06:2c:00:64:29:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D1:EB:E7:6B:70:7D:43:28:03:A2:61:E1:B7:2E:45:EC:76:12:AB
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/pNHr52twfUMoA6Jh4bcuRex2Eqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
7e:4a:18:df:19:31:2c:d4:d3:92:76:53:18:7f:e4:e8:f8:43:
43:d5:5e:cf:a1:7f:72:01:b7:55:3f:af:ee:05:76:f2:fe:26:
9b:d7:6b:c9:7e:be:68:b2:36:4c:a7:37:f0:1a:86:0f:6c:42:
cc:7b:96:c7:71:e8:5a:e9:29:5b:8f:43:65:77:e8:e5:08:c6:
d5:f0:ac:95:95:5a:28:70:aa:f4:f6:c2:1b:9f:a7:91:08:63:
b7:49:28:e0:1e:46:dc:af:5e:88:a0:bc:93:86:cb:04:d4:7f:
e7:72:f0:d7:43:eb:d4:b4:68:4f:d5:70:b9:3f:11:e6:09:83:
b1:bf:45:32:11:b3:f3:41:1a:36:2d:69:a1:62:41:9e:f7:4f:
c8:bf:c0:b5:ff:54:2d:f7:60:64:58:d2:26:20:22:5b:53:a7:
1d:3d:24:6a:65:a8:58:6d:6a:5d:01:2e:39:a1:d8:f3:f1:03:
69:e0:73:0b:b7:18:c3:bc:32:64:eb:68:86:ea:e2:77:a5:5b:
97:5a:98:1e:40:2b:e9:09:25:ef:3e:a4:a2:a2:5d:ca:60:7d:
99:76:4f:be:aa:85:f4:a1:3c:95:a2:67:b8:bb:ad:f0:db:89:
70:d6:b4:6f:4b:cb:e2:0b:4c:9a:91:14:d8:29:20:7b:49:01:
f4:72:b5:f2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNJODHQIn0L0kZkCMC+WoRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQxMTIwMTA1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQxZWJlNzZiNzA3ZDQzMjgwM2EyNjFlMWI3MmU0NWVjNzYxMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzGWYKQb75vCIUZ8RKX+qly3hXxn
cwJT/gkV+hyWXXHi5lOsjHUpxCVdAigM8Ht7wMt70X4mwhGtlnETFW63YLj1LNJF
v3TjfP8PRcC/O6GMLJqzVaEMaR1FKUqBxAIvk4jaa5AfItdSnNngRVL5pJ7Fs/VJ
jSuh9ncJmJUanAJtmvCNJm5p8gd0ylW07TWjtqmEth2RY+dywOeABhShQ1idsZnn
DybzBug5jP8bjseY7GEL3F4eCktBq+8AlQE7AOI5w7bpMu3bZSVeZ8flxgH6RmXI
eMKPSa8UvRGmrJ+hM+DPGvQyQy38ExHOIbGebkst8rSjtOryBiwAZClnxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKTR6+drcH1DKAOiYeG3LkXsdhKrMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvcE5IcjUydHdmVU1vQTZKaDRiY3VSZXgyRXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+ShjfGTEs1NOSdlMYf+To+END1V7PoX9yAbdVP6/uBXby/iab12vJfr5osjZM
pzfwGoYPbELMe5bHceha6Slbj0Nld+jlCMbV8KyVlVoocKr09sIbn6eRCGO3SSjg
Hkbcr16IoLyThssE1H/ncvDXQ+vUtGhP1XC5PxHmCYOxv0UyEbPzQRo2LWmhYkGe
90/Iv8C1/1Qt92BkWNImICJbU6cdPSRqZahYbWpdAS45odjz8QNp4HMLtxjDvDJk
62iG6uJ3pVuXWpgeQCvpCSXvPqSiol3KYH2Zdk++qoX0oTyVome4u63w24lw1rRv
S8viC0yakRTYKSB7SQH0crXy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:14 2025 by rpki-client